Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1764 matches found

ATTACKERKB
ATTACKERKBadded 2026/06/01 12:0 a.m.6 views

CVE-2025-60483

A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

5.8AI score0.00017EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/06/01 12:0 a.m.5 views

CVE-2025-55664

A heap buffer overflow in the m2tsdmxsendpacket function filters/dmxm2ts.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

6AI score0.00017EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/01 12:0 a.m.8 views

EUVD-2025-210004

A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

5.5CVSS5.8AI score0.00017EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/06/01 12:0 a.m.7 views

CVE-2025-60485

A segmentation violation in the gfisomapplesettagex function /isomedia/isomwrite.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.8AI score0.00017EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/01 12:0 a.m.27 views

CVE-2025-60495

A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...

0.00017EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/01 12:0 a.m.27 views

CVE-2025-55664

A heap buffer overflow in the m2tsdmxsendpacket function filters/dmxm2ts.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

0.00017EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/06/01 12:0 a.m.9 views

PT-2026-45418

A heap use-after-free in the dasher process function /filters/dasher.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 file...

5.5CVSS5.8AI score0.00017EPSS
Exploits0References7
Debian CVE
Debian CVEadded 2026/06/01 12:0 a.m.10 views

CVE-2025-55664

A heap buffer overflow in the m2tsdmxsendpacket function filters/dmxm2ts.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS6AI score0.00017EPSS
Exploits0
Debian CVE
Debian CVEadded 2026/06/01 12:0 a.m.10 views

CVE-2025-60481

A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

5.5CVSS5.8AI score0.00017EPSS
Exploits0
Debian CVE
Debian CVEadded 2026/06/01 12:0 a.m.10 views

CVE-2025-60483

A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

5.5CVSS5.8AI score0.00017EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/01 12:0 a.m.27 views

CVE-2025-60485

A segmentation violation in the gfisomapplesettagex function /isomedia/isomwrite.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

0.00017EPSS
Exploits0References4
CVE
CVEadded 2026/06/01 12:0 a.m.10 views

CVE-2025-60495

CVE-2025-60495 describes a segmentation violation in the gf_media_get_color_info function (located in /media_tools/isom_tools.c) of the GPAC Project/MP4Box tool, vulnerable when using versions before 26.02.0. Successful exploitation via a crafted data file can cause a Denial of Service (DoS). The...

5.5CVSS5.8AI score0.00017EPSS
Exploits0References5
CVE
CVEadded 2026/06/01 12:0 a.m.9 views

CVE-2025-60486

Affected software: GPAC Project/MP4Box. Vulnerability: heap use-after-free in the dasher_process function ( /filters/dasher.c ). Root cause: heap-use-after-free flaw that can be triggered via crafted MPEG-2 input. Impact: Denial of Service (DoS). Versions: vulnerable before 26.02.0. Exploitation ...

5.5CVSS5.8AI score0.00017EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/05/28 8:13 p.m.9 views

CVE-2025-70116

A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields e.g., codec/mime/profile strings. gfmediamapesd then calls strlen on a NULL pointer, triggering a crash ASan SEGV...

4.3CVSS5.8AI score0.00048EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/28 2:16 p.m.10 views

CVE-2026-9572

A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of the argument cat leads to memory leak. The attack can only be performed from a local environment. Th...

5.5CVSS5.2AI score0.00019EPSS
Exploits1References1
OSV
OSVadded 2026/05/27 5:16 p.m.8 views

DEBIAN-CVE-2025-70116

A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields e.g., codec/mime/profile strings. gfmediamapesd then calls strlen on a NULL pointer, triggering a crash ASan SEGV...

4.3CVSS5.8AI score0.00048EPSS
Exploits0References1
OSV
OSVadded 2026/05/27 5:16 p.m.6 views

UBUNTU-CVE-2025-70116

A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields e.g., codec/mime/profile strings. gfmediamapesd then calls strlen on a NULL pointer, triggering a crash ASan SEGV...

4.3CVSS5.8AI score0.00048EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/05/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-9572

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the...

5.5CVSS5.3AI score0.00019EPSS
Exploits1References3
CVE
CVEadded 2026/05/27 12:0 a.m.11 views

CVE-2025-70116

CVE-2025-70116 affects GPAC MP4Box. A NULL pointer dereference occurs when parsing certain truncated MP4 files with an unknown/invalid stsd entry, leading to missing descriptor fields (e.g., codec/mime/profile strings). gf_media_map_esd then calls strlen() on a NULL pointer, triggering a crash (A...

4.3CVSS5.8AI score0.00048EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/05/27 12:0 a.m.4 views

GPAC MP4Box 安全漏洞

GPAC MP4Box is a multimedia packager. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. GPAC MP4Box has a security vulnerability that arises from parsing certain...

4.3CVSS5.8AI score0.00048EPSS
Exploits0References4
Rows per page
Query Builder